Re: predictable IP ID

Alan Cox (alan@lxorguk.ukuu.org.uk)
Mon, 4 Oct 1999 14:02:54 +0100 (BST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Savochkin Andrey Vladimirovich: "Re: predictable IP ID"
Previous message: Jarmo Paavilainen: "SV: access beyond end of device errors in 2.2.12/13pre12"

> - IP ID generation for raw packets were fixed.
>
> What do you think about the patch?

The IP id generation fix looks fine. The rest of it looks like sheer lunacy.
The IP sequence number is a mere 16bits. The worst you can do by predicting
it is to cause the odd packet to be lost. There is no real world evidence
tht throwing that giant pile of code, and huge AVL tree into the kernel
improves or fixes any kind of real world security issue. It adds some nice
performance harming features to the kernel in the process.

Alan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Savochkin Andrey Vladimirovich: "Re: predictable IP ID"
Previous message: Jarmo Paavilainen: "SV: access beyond end of device errors in 2.2.12/13pre12"